package org.leveryd.controller;

import com.zaxxer.hikari.pool.HikariProxyConnection;
import org.leveryd.dao.User;
import org.leveryd.mapperInterface.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class testMybatis {

    @Autowired      // 为什么不推荐注入属性？
    UserMapper userMapper;

    @ResponseBody
    @RequestMapping("/testHelloMybatis")
    public String testHelloMybatis() {
        User u = userMapper.FindFirstUser();
        return u.getUsername();
    }

    @ResponseBody
    @RequestMapping("/user")
    public String findUserByName(@RequestParam("name") String name) {
        User u = userMapper.FindUserByName(name);
        return u.getUsername() + "," + u.getPassword();
    }

    @ResponseBody
    @GetMapping("/sqli/orderby")
    public String testSqlInjection1(@RequestParam("order") String order) {
        User u = userMapper.TestOrderBySqli(order);
        return u.getUsername() + "," + u.getPassword();
    }
}
